Atac eșuat asupra protocolului NEAR Rainbow Bridge Cost Attacker 2.5 ETH

NEAR Protocol Rainbow Bridge was attacked on May 1. No funds have been stolen, and the attacker even lost some money, according to the CEO of Aurora Labs, Alex Shevchenko.

Shevchenko added that additional measures will be taken to ensure that the cost of an attack would increase.

? on the Rainbow Bridge attack today.
TL;DR: attack was stopped automatically, no bridged funds lost, attacker lost some money, bridge architecture was designed to resist such attacks, additional measures to be taken to ensure the cost of an attack attempt is increased
— Alex Shevchenko ?? (@AlexAuroraDev) 1 Mai, 2022

He also posted the address of the attacker, who started with some ETH sent through Tornado Cash. The attempt began on May 1, with the attacker deploying a contract meant to deposit some funds to become a Rainbow Bridge relayer. The attack idea was to send made-up light client blocks.

After a while, one bridge watchdog discovered that the submitted block was not in the NEAR Protocol blockchain and sent a challenge transaction to Ethereum. Shevchenko explains in his tweet,

“As a result, watchdog transaction failed, MEV bot transaction succeeded and rolled back the fabricated block of the attacker. Some min after this, our relayer submitted a new block:”

Shevchenko explains the incident in much more technical detail in his lengthy Twitter thread. He stresses, however, that projects would focus on securitate măsuri,

“I wish everyone who is innovating in the blockchain to pay enough attention to security and robustness of their products through all the available means: automatic systems, notifications, bug bounties, internal and external audits.”

Podul de curcubeu is a cross-chain bridge that lets users transfer assets between the Ethereum, NEAR, and Aurora networks. It was built by Aurora Labs and is known for its user experience.

No respite for DeFi

Attacks on bridges have been on the rise in recent months. The largest of these was the hack of Ronin Bridge, which saw $615 million stolen. Other attacks include Meter and Wormhole.

DEFI market is an attractive target for hackers, given so much money is flowing in. In the first three months of 2022 alone, hackers have stolen peste miliarde de dolari 1.22 de la DEFI space. That’s nearly eight times as much as the same period last year.

It’s for this reason that Shevchenko is stressing that developers focus on security. As more money comes in, attackers will only be more tempted to carry out an attack. Security measures and audits will become paramount to long-term success.

Declinare a responsabilităţii

Toate informațiile conținute pe site-ul nostru web sunt publicate cu bună-credință și numai în scopuri generale. Orice acțiune pe care cititorul o ia asupra informațiilor găsite pe site-ul nostru este strict pe propria răspundere.

Source: https://beincrypto.com/failed-attack-near-protocol-rainbow-bridge-cost-attacker-2-5-eth/